Описание
Incorrect Access Control in Ignition
The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control.
Пакеты
Наименование
facade/ignition
composer
Затронутые версииВерсия исправления
< 1.16.15
1.16.15
Наименование
facade/ignition
composer
Затронутые версииВерсия исправления
>= 2.0.0, < 2.0.6
2.0.6
Связанные уязвимости
CVSS3: 9.8
nvd
около 4 лет назад
The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Laravel has a "fix variable names" feature that can lead to incorrect access control.